1. Field of the Invention
The invention concerns the safety of confidential information contained in integrated circuits.
2. Description of the Prior Art
In a certain number of integrated circuit applications and, more particularly, in the circuits contained in cards known as "chip cards", it is necessary to prohibit access by unauthorized persons to confidential information stored in a memory of the circuit.
This confidential information is stored, for example, in read-only memories (ROMs) or else in electrically programmable non-volatile read-only memories (EPROMs or EEPROMs).
Of course, for this information to be truly inaccessible, the data recorded in the memory should not be given at the input-output terminals of the integrated circuit. In practice, it has therefore been provided that, when the degree of confidentiality is especially high, the confidential information is processed by a microprocessor contained in the same integrated circuit as the memory. Thus, the information circulates within the integrated circuit, between the microprocessor and the memory, but it does not reach the external terminals of access to the integrated circuit. This precaution may concern the reading of the information: this information is read and exploited by a microprocessor which will not transmit them to the exterior. It may also concern the writing of information in the memory in the case of electrically programmable memories: a microprocessor writes pieces of information that it has itself determined, the mode of determination being unknown to the user, and at no time do the written pieces of information appear at the external terminals.
It was observed, however, that it was possible to gain access, at least partially, to the content of the memory in a roundabout way which would consist in measuring the current consumed by the integrated circuit during an operation for reading the memory or a writing operation.
In fact, the operation for reading a 0 bit does not consume the same amount of current as the operation for reading a 1 bit. The same applies to the writing operation. If the memory is read or written in eight-bit words, the difference between the reading (or writing) of eight 0 bits and the reading (or writing) of eight 1 bits is even greater than that of one bit.
For example, the reading of one memory bit may consume 200 microamperes for a 1 bit, and no current for a 0 bit in the case of a read-only memory encoded by the presence or absence of a transistor at the address of the bit considered. Similar examples may be given for EPROMs or EEPROMs in both reading and writing. Consequently, it is possible to partially or totally decipher the confidential content of a memory by observing the current consumed during the reading or writing of this memory. A user with fraudulent intent could measure the current consumed between the general supply terminals (necessarily accessible outside the integrated circuit).
As an example of possible fraudulent behavior in the reading of confidential information: it is possible to read a confidential programme stored in a read-only memory in the integrated circuit, or a confidential enabling code stored in an electrically programmable memory of the circuit.
Another example of fraud, this time concerning the writing and not the reading of confidential information, would be the following one: in certain protected circuits, there is provision for the user to introduce an enabling code through a keyboard whenever he wishes to use the circuit. To prevent fraud involving all the systematic introduction of every possible code, there is provision for storing an error bit in the memory whenever a wrong code is introduced. At the end of three errors, the three error bits trigger a block in the working of the circuit. But, here again, it is possible to detect the consumption of the current and to deduce therefrom that an error bit is being stored; this knowledge would be used to very swiftly interrupt the memorizing of the error bit, thus annihilating the protection that relies on the possibility of storing three error bits without the user's being aware of it, when there is a successive introduction of wrong codes.
The present invention seeks to prevent these possibilities of fraudulent behaviour, chiefly in the reading but also, as the case may be, in the writing of confidential information.